Privacy Policy

1. Application Purpose

CollectX is an enterprise workforce and field operations application designed to support operational workflows such as:

• Employee attendance and punch-in/punch-out management
• Field visit tracking and verification
• Customer visit feedback and operational reporting
• Collection and recovery workflow management
• Branch and field activity monitoring
• Distance calculation and travel reimbursement verification
• Customer document and proof upload
• Team allocation and field staff management
• Offline data synchronization and operational reporting

2. Eligibility and Authorized Access

Access to CollectX is restricted to users who are created, provisioned, and approved by authorized administrators of the organization. Individual users cannot self-register or activate accounts without administrator approval.

Without valid approval or credentials, users may not access protected Application functionality.

3. Information We Collect

Depending on the workflows used within the Application, we may collect the following categories of information.

3.1 Account and Employee Information

We may collect:

• Full name
• Employee ID
• Username
• Email address
• Mobile number
• Branch or department information
• Role and designation
• Company or tenant association
• Authentication and session information

This information is used to authenticate users, assign workflows, maintain operational records, and secure access to enterprise resources.

4. Location Information

4.1 Precise Location Data

The Application may collect precise GPS-based location information during active work sessions.

• Attendance verification
• Employee field activity validation
• Customer visit verification
• Distance calculation and reimbursement workflows
• Operational tracking
• Fraud prevention and audit purposes

4.2 Background Location Collection

The Application may collect location data while the Application is running in the background.

Background location collection begins only after a field employee starts an active work session by performing a punch-in action within the Application.

Background tracking continues during the active work session and automatically stops after:

• Punch-out
• End of shift
• Manual work-session completion

Location tracking occurs periodically at approximately 15-minute intervals.

Background location collection is used strictly for operational workforce management purposes including:

• Attendance authenticity
• Visit verification
• Distance calculation
• Employee field tracking during active work periods

Users may disable device GPS or revoke location permissions through Android device settings; however, doing so may impact Application functionality.

Authorized administrators may review operational location data associated with active field work sessions.

5. Customer and Operational Data

The Application may process operational business information required for debt collection, field verification, customer follow-up, and related business workflows.

This information may include:

• Customer names
• Customer contact numbers
• Customer addresses
• Loan or account identifiers
• Outstanding balance information
• EMI or installment information
• Recovery and collection status
• Payment follow-up details
• Visit feedback and remarks
• Operational notes
• Case status information

The Application does not process payment card information and does not directly process financial transactions or payment gateway operations.

6. Contact Information Access

The Application may request permission to access device contacts for customer follow-up workflows.

Important clarifications:

• The Application does not upload the entire device contact list.
• Contacts are not automatically synchronized.
• Only user-selected contact details may be uploaded to the backend system.
• Users may manually enter phone numbers instead of selecting contacts.
• Contact access is optional and user-controlled.

7. Camera, Media, and Document Access

The Application may request access to:

• Camera
• Photos
• Media files
• Documents

This access is required for operational workflows such as:

• Visit verification
• Customer proof collection
• Branch verification
• Recovery proof capture
• Salary slip or document upload
• Work evidence submission
• Payment proof image upload

Uploaded images or documents may contain:

• Customer interaction photographs
• Payment slips
• Verification documents
• Operational proof images
• Field work evidence

8. Notifications

The Application may send operational notifications related to:

• Attendance reminders
• Punch-in or punch-out workflows
• Sync status
• Operational alerts
• Assignment updates
• Location tracking status
• Session updates
• Follow-up reminders

9. Offline Storage and Synchronization

To support offline workflows and unstable network conditions, the Application may temporarily store operational data locally on the device.

Locally stored information may include:

• Attendance logs
• Visit records
• Customer operational details
• Pending uploads
• Location information
• Images and documents
• Operational feedback

Offline records are synchronized with backend systems when network connectivity becomes available.

10. Analytics, Diagnostics, and Application Health

The Application may use third-party services such as Firebase Analytics, Firebase Crashlytics, Firebase Cloud Messaging, and Google Maps services.

These services support:

• Crash reporting
• Diagnostics
• Performance monitoring
• Notification delivery
• Application stability
• Navigation and map-related functionality
• Operational reliability

11. Data Retention

We retain information only for operational, legal, audit, security, and business purposes.

Current retention practices include:

• Location logs retained approximately 30 days
• Attendance logs retained approximately 2 months
• Crash and diagnostic logs retained approximately 30 days
• Uploaded operational documents retained until account deletion or operational removal

12. Data Sharing and Disclosure

We do not sell personal information.

Information may be shared with:

• Authorized enterprise administrators
• Trusted service providers
• Cloud infrastructure providers
• Analytics and crash reporting providers
• Notification and mapping services

13. Data Security

We implement commercially reasonable technical and organizational security measures intended to protect information from unauthorized access, misuse, alteration, disclosure, or destruction.

Security practices may include:

• Secure HTTPS communication
• Authenticated API access
• App-restricted local storage
• Controlled backend access
• Secure synchronization workflows

14. Employee Monitoring and Operational Tracking

Operational monitoring may occur during active work sessions for purposes including:

• Attendance validation
• Operational tracking
• Distance verification
• Field visit monitoring
• Workflow authenticity
• Fraud prevention

15. User Rights and Choices

Users may:

• Revoke permissions through Android device settings
• Disable GPS functionality
• Manage notification preferences
• Request operational support
• Request account removal or access revocation through their organization's administrator or HR department

16. Account Deletion and Access Revocation

The CollectX Application uses an enterprise, admin-managed account model. Individual users cannot create or delete their own accounts within the Application.

Account Creation: User accounts are created and provisioned exclusively by authorized administrators of the organization using the CollectX platform.

Account Deletion / Access Revocation:

When an employee leaves the organization, is no longer interested, or is no longer authorized to use the Application, the organization's administrator may:

• Remove the user account from the system, or
• Deactivate the user account to revoke access

Upon account removal or deactivation by the administrator:

• Account access is revoked immediately
• The user can no longer log in or access Application features
• Personal and operational data associated with the account may be permanently deleted within approximately 7 days, except where retention is required for legal obligations, security, fraud prevention, dispute resolution, tax, regulatory, or audit purposes

Employee Request to Remove Account:

If an employee no longer wishes to use the Application or has left the organization, they should contact their organization's administrator or HR department to request account removal or deactivation. For general privacy inquiries, users may contact us using the support information in Section 21. Certain enterprise operational records submitted by the organization may be retained by the organization in accordance with applicable contractual, business, legal, or compliance obligations.

User accounts are created, managed, and deleted exclusively by authorized administrators of the organization. Individual users cannot create or delete their own accounts through the Application.

17. Children’s Privacy

The Application is intended only for authorized business and enterprise users.

The Application is not directed toward children and is not designed for use by individuals under applicable minimum legal age requirements.

18. Third-Party Services

The Application may use third-party services including but not limited to:

• Firebase Analytics
• Firebase Crashlytics
• Firebase Cloud Messaging
• Google Maps Services

19. India Region Usage

The Application is intended primarily for operational usage within India.

20. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect:

• Operational changes
• Security updates
• Legal requirements
• Feature changes
• Compliance updates

21. Contact Us